Hacking & Security Posts - Page 10

Even though mobile malware targeting the Google Android operating system is increasing, actual infection rates are still relatively low, according to cybersecurity experts. Unfortunately, it looks like almost 1 out of every 5 Android apps were "malware in disguise," according to the newest Symantec Internet Security Threat Report.

Over one-third of all Android apps are "madware," or "grayware," designed to increase the number of ads that a mobile user sees. In addition, Symantec noted the first infection by mobile ransomware, which encrypts data on a victim's phone until a ransom is paid.

Android, the No. 1 mobile OS based on market share, has an open infrastructure that makes it more flexible for each phone manufacturer to use - but also gives cybercriminals the ability to create better malicious apps.

There might be numerous instances of mobile malware in the wild, but the matter is overhyped and not as frightening as perceived, according to advanced threat detection firm Damballa. It turns out you're more likely to be struck by lightning than suffer a mobile malware infection.

In network traffic monitored in 2014, 9,688 of 151 million mobile devices tried to access blacklisted domains. Mobile operators are focusing more on security for smartphones and tablets, which is making it more difficult for malicious apps to compromise devices.

"This research shows that mobile malware in the United States is very much like Ebola - harmful, but greatly over exaggerated, and contained to a limited percentage of the population that are engaging in behavior that puts them at risk for infection," said Charles Lever, senior scientific researcher at Damballa.

Cybercriminals launching ransomware attacks typically demand immediate payment with very little paper trail - and that often means relying on bitcoin transactions. However, the anonymity of bitcoins is now being overlooked due to the volatility of the cryptocurrency, with hackers converting the funds quickly.

The cyber group responsible for infecting users across the world with Cryptolocker likely made over $3 million before it was targeted by investigators. Besides pre-paid cash cards, bitcoins - which were once valued at more than $1,100 each but are now worth less than $250 - have become less appealing for money laundering.

"I've seen this discussion in underground forums among Russian criminals," said Etay Maor, senior fraud prevention strategist of IBM Security, in a statement to The Register. "They use Bitcoin for the money laundering part and take payment with it, but they'll move it out almost immediately. Most of them won't keep bitcoins - they don't like the valuations Bitcoin has - so they just use it as a layer of obfuscation, and move it to a different form of money."

Venture capitalists are pouring money into cybersecurity companies, with high-profile data breaches still capturing headlines. Security companies supported by VCs in the United States generated a massive $1.77 billion in 2014, a figure higher than the previous record of $1.62 billion generated in 2000, according to statistics.

There is increased flexibility in the cybersecurity sector, with companies providing protection to consumers, corporations, hardware infrastructure, software, and specialized niche services.

As the Internet of Things (IoT) generates headlines for its beneficial flexibility for consumers, there is an underlying concern related to connected security. "It's a huge threat," said Alex Doll, founder of the TenEleven Ventures capital firm focusing on information security, in a statement to the Wall Street Journal. "It's great that everything is connected, but all that data is one click away" from being hacked.

Continued cyberattacks against US residents rack up an impressive number of victims, with twice as many Americans reporting a breach in a year-over-year statistical analysis. Unfortunately, one in five consumers say they suffered a credit score hit due to identity theft - and financial experts recommend shoppers request a credit report to check on any problems.

However, eight in 10 Americans note they have become more proactive in protecting their own personal information, as more than half of surveyed consumers aren't entirely sure if companies can keep personal data safe.

"The increase in data breaches affecting personal information has given consumers significant cause to be cautious about their activities, both online and off," said Ernie Almonte, chairman for the American Institute of CPAs' National CPA Financial Literacy Commission, in a statement published by MoneyWatch.

The United States government understands it is a prime target for cybercriminals across the world, especially organized crime and state-sponsored hackers trying to conduct cyberespionage. John Carlin, Assistant Attorney General for National Security, spoke during RSA about the mentality of teaching foreign actors "that it is not okay to steal from American companies."

Even though the NSA has sophisticated cyberespionage capabilities, the government didn't pay enough attention to keeping critical infrastructure secure. The government is trying to catch up and will make changes, but is ready to put political and economic pressure on select governments for their cyber actions.

However, there are more aggressive tactics possible, including the indictment of five senior leaders of the People's Liberation Army (PLA) in China last year - and economic sanctions placed on North Korea for its reported involvement in hacking Sony.

The US government wants to improve its cybersecurity and recruit skilled workers, but is struggling because of lackluster recruitment programs leading to an underwhelming cybersecurity labor pool, according to the Partnership for Public Service and Booz Allen Hamilton.

In 2014, there were almost 70,000 cyber intrusions that negatively impacted the government's networks and systems, the Government Accountability Office (GAO) reported earlier in the year.

"Our interconnected world requires a seamless team of cyber defenders to protect our networks," according to the report. "Those defenders must be able to operate quickly and collaboratively in ways that cut across both private and public organizations."

reTXT Labs recently launched reTXT, a secure and private mobile messaging app, so users have more control of text messages. The messaging service uses end-to-end encryption to help make sure outsiders are not likely to be able to snoop on messages. It's a unique offering for consumers, as most of the security-focused messaging services are designed more for the corporate world.

reTXT users can edit sent messages, delete sent messages, clarify any misunderstood messages, name group message threads, and opt in or out of group messages. In addition, it's even easier to send photo and video messages or use a device's microphone to send voice messages, the company noted.

"The tools we provide make texting and messaging easier for the person who communicates privately with family, friends and colleagues every single day," said Kevin Wooten, co-founder and CEO of reTXT Labs.

Cybercriminals, largely motivated by breaching networks to steal money and collect personal information, are becoming more difficult to identify, according to a leading cybersecurity expert.

"In 2010, when responding to breaches, almost every time we'd look at the evidence and we kinda knew who [the hackers] were," said Kevin Mandia, president of FireEye, in a statement published by Re/Code. "Right now we're starting to get more groups that we're labeling unknown. We have like 400 of them."

There is increased focus on cybersecurity, but trying to accurately identify and track threat actors - while preventing them from breaching networks - is an extremely complex issue. Unfortunately, companies must realize that they are likely to suffer a data breach at some point, and should focus more on managing a breach crisis to ensure they can bounce back as quickly as possible.

The South Korean government believes it has found evidence showing that North Korea is behind cyberattacks aimed at its financial sector and nuclear operators. The malicious code was designed to delete files from infected PCs, which prevented banking customers from transferring money online or withdrawing money in person.

"The malicious codes used in the attack were same in composition and working methods as 'Kimsuky' codes known to be used by North Korea," according to the South Korean prosecutor's office, and noted by CNN. In addition, some IP addresses were traced back to Shenyang, China, which is along the border between China and North Korea - with North Korea reportedly relying on China's more established Internet infrastructure to launch attacks.

North Korea's growing cyber ability tends to be focused on South Korea, with financial institutions, nuclear power operators, and private sector companies all targeted in the past.